class UserSessionsController < ApplicationController
  access_control do
    allow logged_in, :to => :destroy
    allow anonymous, :to => [:new, :create]
  end

  def new
    @user_session = UserSession.new
  end
  
  def create
    @user_session = UserSession.new(params[:user_session])
    if @user_session.save
      flash[:notice] = "Logged in successfully"
      redirect_back_or_default root_url
    else
      render :new
    end
  end
  
  def destroy
    current_user_session.destroy
    flash[:notice] = "Logged out"
    redirect_to login_url
  end
end
